Versions Compared

Old Version 3

changes.mady.by.user Ann Base (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Ylva Andersson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Minor

...

Info

This article is valid for Smart ID 20.06.1 and later.

Excerpt

When Smart ID Identity Manager is running in the cloud it does not have access to internal customer systems, like, for example, LDAP. It can not be guaranteed that a service in the customer's network can be accessed. To get access to customer systems, the Smart ID Agent (DataSyncProxy) is

...

used.

The Smart ID Agent (DataSyncProxy) is a small Spring Boot application. It is placed and runs on a machine in the customers network environment. The machine on which

...

the Smart ID Agent (DataSyncProxy) runs must have access to internal systems like LDAP.

...

The Smart ID Agent (DataSyncProxy) connects

...

with Identity Manager (in the cloud) with a normal http connection. The connection is held as long as the proxy is running. While the connection is held,

...

 Identity Manager (in the cloud) is able to send Server-Sent Events (SSE) to the Smart ID Agent (DataSyncProxy).

...

 The Smart ID Agent (DataSyncProxy) allows accessing a subsystem (search and export) in the same way as with any data source in a non-cloud installation of

...

Identity Manager.

The picture illustrates how

...

the Smart ID Agent (DataSyncProxy) is placed in the customer's network.

  • Customer 1 and Customer 2 symbolizes networks at two different customers that connect to

...

  • the Identity Manager cloud service via the gateway.

  • When the user performs a search in

...

  • Identity Manager, the Smart ID Agent (DataSyncProxy) provides a data connection to the user’s subsystem and transfers the search result data to

...

  • Identity Manager. Subsystems could be the LDAP, an external JDBC database, a SCIM data source, etc.

...

  • The Smart ID Agent (DataSyncProxy) also allows the export of data from

...

  • Identity Manager to the user’s subsystem.

This article is valid from Nexus PRIME 3.11.

How the DataSyncProxy is placed in the customer's network.Image Removed

Expand
titleEnable the DataSyncProxy to PRIME
  1. In PRIME Designer, go to Home > Data pool.
  2. To edit an existing data pool, double-click the data pool name.
  3. In the Data sources tab, select one of the data sources in the Type drop-down list.
  4. Check DataSyncProxy enabled.
  5. Click Save.

...

titleConfigure values for DataSyncProxy

In PRIME

In PRIME's system.properties these are the standard settings for response intervals and timeouts for PRIME Explorer (for executing searches, exporting data, ...) and for PRIME Designer (for testing connection, getting the scim resource types and getting the attribute lists). If needed, they can be configured.

Code Block
titleExample: Configure DataSyncProxy in system.properties
dataSync.responsePollingIntervalInMs=200
dataSync.responsePollingTimeoutInMs=30000
dataSync.proxyConnectionTimeoutInMs=3600000
 
# when the connection timeout above occurs, spring logs a message on error level. To disable this enter: (Note: if you want to be sure not to miss any other logs do not turn this on)
dataSync.suppressSpringMvcExceptionsWhileTimeout=true

In customer system

In data_sync_proxy.yaml the following can be configured:

...

titleExample: Configure data_sync_proxy.yaml

...

Read more about how to enable and configure Smart ID Agent (DataSyncProxy) here: Access local services from Identity Manager in the cloud.